Social media login is a popular and easy way to get users started on your platform. With the prevalence of Facebook, Google, LinkedIn, and Twitter usage, providing an option to login with an existing account on one of these platforms makes it much easier to get users onto your platform. It also becomes possible to take advantage of all the features offered by the associated social media site, such as sharing posts or offering additional services to your users based on their network.
Authentication is complex - so much so that there are companies out there focused solely on solving this challenge. Fortunately, these companies also make affordable solutions available to allow the creation of safe and secure login procedures.
Google + Firebase Authentication
Google provides up to 12 sign-in methods: Email/Password, Phone, Google (of course!), Play Games, Game Center, Facebook, Twitter, GitHub, Yahoo, Microsoft, Apple, and Anonymous.
Their free tier works well for prototyping at 10k / month as of this writing. After this amount, they only charge for phone verifications ($0.01/verification) within the US. All other forms of authentication remain free.
Offered by Amazon Web Services, Cognito offers user authentication that scales with your platform. Like Google, they also offer pre-made UIs and libraries so you can easily add it into your app and start registering new users.
They currently support Facebook, Amazon (of course!), Google, and Apple for social media identities, and SAML/OpenID protocols (aimed for Enterprise users).
Beyond 50k, they start charging at $0.00550 per user for the next 50k users, and costs decrease at the next tier. You can view more details (here)[https://aws.amazon.com/cognito/pricing/] for the latest pricing.
Note: Pricing varies by region, but not by too much. The prices quoted are for US-East (Ohio).
A custom option is always possible if one of the above providers doesn't match your use case. Nearly every programming language has a framework that supports custom sign-in methods to speed up development.
My preference is for Node.js/Express, using the Passport.js library to handle user authentication. Passport.js offers many different sign-in 'strategies', so if there's a method that isn't supported by one of the above providers, a custom solution can be implemented with Node.js.
With a custom solution, once the solution has been implemented, it may require occasional maintenance to update packages, update APIs (APIs often change over time), and similar ongoing maintenance, but there won't be a per user pricing like with AWS and Google. The costs incurred will come from the hardware used to run the platform once it's ready to go. There may also be separate costs for a e-mailing service, but that's a discussion for another article.
Which to use?
I would recommend Google for prototyping and MVP development. It's quick and easy to use, and offers solutions to the most common sign-in methods. I would recommend AWS or a custom solution for an established product or for new development of a proven product with a relatively clear vision for its scale and growth (as a result of a successful prototype or similar research).
If you would like to discuss this in more depth, schedule some time with me, and I'm happy to chat with you more about what solution may be a fit for your needs.